10423541

Using Encryption Within a Computing System

Published: September 24, 2019
Assignee: not available in USPTO data we have
Technical Abstract

Patent Claims
20 claims

Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.

Claim 1

Original Legal Text

1. A computer system comprising: a scratchpad memory for storing unencrypted data; an off-chip memory for storing encrypted data; and a processor in communication with the scratchpad memory and the off-chip memory, wherein the processor and the scratchpad memory are integrated within a single integrated circuit, the processor configured to: receive a request to access information stored at an address within a memory hierarchy of the computer system, the memory hierarchy comprising an unencrypted level including an on-chip cache, an encrypted level including the off-chip memory, and the scratchpad memory, the scratchpad memory different from the on-chip cache; determine whether the information corresponding to the address is resident on the integrated circuit; in response to determining the information is not resident on the integrated circuit: issue a read request to the off-chip memory for a page of encrypted information, the page associated with the address within the memory hierarchy; receive the page of encrypted information from the off-chip memory in response to the read request; decrypt the page of encrypted information to generate unencrypted information; and store the unencrypted information in a frame of the scratchpad memory and fill the cache line associated with the address using the unencrypted information.

Plain English Translation

A computer system is designed to manage secure data access in a memory hierarchy that includes both encrypted and unencrypted storage levels. The system addresses the challenge of efficiently handling encrypted data while maintaining performance and security. It comprises a scratchpad memory for storing unencrypted data, an off-chip memory for storing encrypted data, and a processor integrated with the scratchpad memory on a single chip. The processor is configured to handle data access requests by first determining if the requested information is already resident on the integrated circuit. If not, it issues a read request to the off-chip memory for an encrypted page of data associated with the requested address. Upon receiving the encrypted data, the processor decrypts it and stores the unencrypted version in the scratchpad memory. The processor then fills the corresponding cache line with the unencrypted data, ensuring that the data is available for subsequent access without requiring decryption. The scratchpad memory operates as a distinct level in the memory hierarchy, separate from the on-chip cache, providing a dedicated space for unencrypted data. This approach enhances security by keeping encrypted data off-chip while optimizing performance by minimizing decryption overhead for frequently accessed data.

Claim 2

Original Legal Text

2. The computer system of claim 1, wherein storing the unencrypted information in the frame of the scratchpad memory comprises selecting the frame from a plurality of frames of the scratchpad memory.

Plain English Translation

This invention relates to secure data processing in computer systems, specifically addressing the challenge of protecting sensitive information during computation while minimizing performance overhead. The system includes a processor with a scratchpad memory that stores unencrypted information in a selected frame from multiple available frames. The scratchpad memory is used to temporarily hold data during processing, and the selection of a specific frame ensures that sensitive information is stored in a controlled manner, reducing exposure to unauthorized access. The system may also include mechanisms to encrypt or otherwise secure the data before it is stored in the scratchpad memory, further enhancing security. The processor may dynamically allocate frames based on usage patterns or security requirements, optimizing both performance and protection. This approach balances the need for fast access to data with the requirement to maintain confidentiality, particularly in environments where sensitive operations are performed frequently. The invention is applicable in systems handling encrypted data, such as financial transactions, healthcare records, or other confidential processing tasks.

Claim 3

Original Legal Text

3. The computer system of claim 1, wherein the processor is further configured to: select another frame of the scratchpad memory to store in the off-chip memory; encrypt the information of the other frame; and transmit a request to write the encrypted information of the other frame.

Plain English Translation

This invention relates to a computer system that manages data storage and encryption for a scratchpad memory, particularly focusing on off-chip memory operations. The system addresses the challenge of securely transferring data from a scratchpad memory to an off-chip memory while ensuring data integrity and confidentiality. The processor in the system is configured to select a frame of the scratchpad memory for storage in the off-chip memory, encrypt the information within that frame, and transmit a request to write the encrypted information to the off-chip memory. Additionally, the processor can select another frame from the scratchpad memory, encrypt its information, and transmit a request to write the encrypted information of this other frame. This process ensures that data is securely transferred and stored in an encrypted form, protecting it from unauthorized access during transmission and storage. The system may also include a memory controller that manages the transfer of data between the scratchpad memory and the off-chip memory, ensuring efficient and secure data handling. The encryption process may involve using cryptographic algorithms to convert the data into an encrypted format before transmission, enhancing security. This invention is particularly useful in systems where data security is critical, such as in embedded systems, secure computing environments, or devices handling sensitive information.

Claim 4

Original Legal Text

4. The computer system of claim 1, wherein determining where information corresponding to the address within the memory hierarchy is resident comprises searching for a page table entry associated with the address.

Plain English Translation

This invention relates to computer systems and specifically to methods for efficiently locating data within a memory hierarchy. The problem addressed is the latency and complexity involved in determining the physical memory location of data when only a virtual address is known. Traditional approaches often require multiple memory accesses or complex computations, which can slow down system performance. The invention describes a computer system that includes a memory hierarchy with at least one level of cache and a main memory. The system determines the physical location of data by searching for a page table entry associated with a given virtual address. The page table entry contains metadata that indicates where the corresponding data is stored within the memory hierarchy, such as in a specific cache level or in main memory. This allows the system to quickly locate the data without unnecessary memory accesses or computations. The system may also include mechanisms to update the page table entries dynamically as data moves between different levels of the memory hierarchy. This ensures that the metadata remains accurate and up-to-date, further improving the efficiency of data retrieval. The invention aims to reduce latency and improve performance in computer systems by streamlining the process of locating data in memory.

Claim 5

Original Legal Text

5. The computer system of claim 1, further comprising a hardware cryptography engine in communication with the processor and integrated within the single integrated circuit, and wherein the hardware cryptography engine is used to decrypt the page of the encrypted information to generate the unencrypted information.

Plain English Translation

A computer system is designed to process encrypted information efficiently within a single integrated circuit. The system includes a processor and a memory controller, both integrated on the same chip, to manage encrypted data stored in external memory. The memory controller retrieves a page of encrypted information from the external memory and provides it to the processor for decryption. To enhance security and performance, the system incorporates a dedicated hardware cryptography engine, also integrated within the same chip. This engine decrypts the encrypted page to produce unencrypted information, which the processor can then use for further processing. By integrating the cryptography engine alongside the processor and memory controller, the system reduces latency and improves efficiency in handling encrypted data, making it suitable for applications requiring secure and high-speed data processing. The hardware cryptography engine ensures that decryption is performed securely and quickly, without relying on software-based decryption methods, which can be slower and more vulnerable to attacks. This design is particularly useful in environments where data security and processing speed are critical, such as in embedded systems, secure communication devices, or high-performance computing applications.

Claim 6

Original Legal Text

6. An integrated circuit comprising: an on-chip memory; and a processor, wherein the processor is configured to: determine whether information associated with a logical address is stored unencrypted within the on-chip memory on the integrated circuit or whether the information associated with the logical address is stored encrypted within an off-chip memory external to the integrated circuit, the on-chip memory being an intermediary layer of a memory hierarchy between a cache of the processor and the off-chip memory; and if the information is not stored unencrypted on the integrated circuit and is stored encrypted within the off-chip memory: retrieve a page associated with the logical address from the off-chip memory containing the encrypted information; decrypt the retrieved page to generate unencrypted information; and store the unencrypted information in a first frame of the on-chip memory.

Plain English Translation

This invention relates to secure memory management in integrated circuits, specifically addressing the challenge of efficiently handling encrypted and unencrypted data across a memory hierarchy. The system includes an on-chip memory and a processor, where the on-chip memory acts as an intermediary layer between the processor's cache and an external off-chip memory. The processor determines whether data associated with a logical address is stored unencrypted in the on-chip memory or encrypted in the off-chip memory. If the data is encrypted in the off-chip memory, the processor retrieves the encrypted page, decrypts it to produce unencrypted data, and stores the unencrypted data in a designated frame of the on-chip memory. This approach ensures secure data access while optimizing performance by minimizing decryption operations and leveraging the memory hierarchy. The system dynamically manages encryption states to balance security and efficiency, particularly in applications requiring frequent access to encrypted off-chip data.

Claim 7

Original Legal Text

7. The integrated circuit of claim 6, wherein the first frame of the on-chip memory is selected from a pool of non-overlapping frames of the on-chip memory.

Plain English Translation

This invention relates to integrated circuits with on-chip memory management, specifically addressing the challenge of efficiently allocating and managing memory frames to prevent conflicts and improve performance. The integrated circuit includes an on-chip memory divided into multiple non-overlapping frames, where each frame is independently accessible and isolated from others. A selection mechanism ensures that the first frame used for data storage or processing is chosen from a predefined pool of these non-overlapping frames, preventing resource contention and ensuring deterministic access patterns. This approach minimizes latency and reduces the risk of data corruption by avoiding concurrent access to shared memory regions. The system may also include error detection and correction logic to further enhance reliability. The non-overlapping frame selection is particularly useful in real-time systems, where predictable memory access is critical. By structuring memory into isolated frames and enforcing strict selection rules, the invention improves efficiency, security, and fault tolerance in integrated circuit designs.

Claim 8

Original Legal Text

8. The integrated circuit of claim 6, wherein the first frame of the on-chip memory is a least-recently-used frame from a pool of frames of the on-chip memory.

Plain English Translation

This invention relates to integrated circuits with on-chip memory management, specifically addressing efficient frame allocation to optimize performance and resource utilization. The technology focuses on selecting memory frames for data storage based on usage patterns to improve cache efficiency and reduce access latency. The integrated circuit includes an on-chip memory with multiple frames, where each frame stores data for processing tasks. A key feature is the selection of the first frame in the on-chip memory as the least-recently-used (LRU) frame from a pool of available frames. This ensures that the oldest or least accessed frame is prioritized for new data storage, minimizing the displacement of frequently used data and enhancing cache hit rates. The system dynamically tracks frame usage to identify the LRU frame, allowing adaptive memory management that aligns with real-time access patterns. The invention also includes a frame allocation mechanism that assigns the selected LRU frame to a processing task, ensuring efficient utilization of on-chip memory resources. By prioritizing the LRU frame, the system reduces the likelihood of evicting critical data, thereby improving overall system performance and energy efficiency. This approach is particularly beneficial in applications requiring high-speed data processing, such as embedded systems, real-time computing, and AI accelerators.

Claim 9

Original Legal Text

9. The integrated circuit of claim 6, wherein the integrated circuit is further configured to: spill a second frame of the on-chip memory to the off-chip memory by encrypting information of the second frame and writing the encrypted information to a second page of the off-chip memory.

Plain English Translation

This invention relates to integrated circuits with on-chip and off-chip memory management, specifically addressing efficient and secure data transfer between these memory types. The integrated circuit includes a processor and on-chip memory, where data frames are processed and stored. When the on-chip memory is full, the circuit spills frames to off-chip memory to free up space. The spilling process involves encrypting the data of a frame before writing it to a designated page in the off-chip memory, ensuring secure storage. The circuit is further configured to handle multiple frames, encrypting a second frame and writing it to a second page of the off-chip memory. This approach optimizes memory usage while maintaining data security during transfers. The system may include additional features such as memory allocation, encryption key management, and frame prioritization to enhance performance and security. The invention is particularly useful in systems where secure and efficient memory management is critical, such as in embedded systems, IoT devices, or data processing units with limited on-chip memory.

Claim 10

Original Legal Text

10. The integrated circuit of claim 9, wherein spilling the second frame of the on-chip memory comprises using an on-chip cryptography accelerator to perform the encryption of the information.

Plain English Translation

The invention relates to integrated circuits designed for secure data processing, particularly in systems where sensitive information must be protected during memory operations. The problem addressed is the need to securely manage data when transferring frames between different memory levels, such as from on-chip memory to off-chip memory, to prevent unauthorized access or tampering. The integrated circuit includes an on-chip memory with multiple frames, where a first frame is used for active processing and a second frame is designated for spilling to off-chip memory when the on-chip memory is full. To enhance security, the second frame is encrypted before being spilled to off-chip memory. The encryption process is performed using an on-chip cryptography accelerator, which ensures that the data is protected during transfer. The cryptography accelerator may use various encryption algorithms, such as AES (Advanced Encryption Standard), to secure the data. The system also includes a memory controller that manages the transfer of frames between on-chip and off-chip memory, ensuring that only encrypted data is spilled to off-chip storage. This approach prevents unauthorized access to sensitive information stored in the on-chip memory, maintaining data integrity and confidentiality. The invention is particularly useful in applications requiring high security, such as financial transactions, healthcare data processing, and secure communications.

Claim 11

Original Legal Text

11. The integrated circuit of claim 6, wherein a page table is used to map logical addresses to storage locations in the memory hierarchy, and wherein the page table is used to determine whether the information associated with the logical address is stored within the on-chip memory or the off-chip memory.

Plain English Translation

This invention relates to integrated circuits with memory hierarchies, specifically addressing the challenge of efficiently managing data storage and retrieval across on-chip and off-chip memory. The integrated circuit includes a memory hierarchy comprising on-chip memory and off-chip memory, where data is stored in either location based on access patterns or other criteria. A page table is used to map logical addresses to physical storage locations within this hierarchy. The page table determines whether the data associated with a given logical address resides in the on-chip memory or the off-chip memory, enabling the system to quickly locate and access the data. This approach optimizes performance by leveraging the faster access times of on-chip memory for frequently accessed data while utilizing off-chip memory for less frequently used data, reducing latency and improving overall system efficiency. The page table may also include additional metadata or control information to further enhance memory management, such as tracking access frequency or priority levels. The system dynamically updates the page table as data is moved between memory levels, ensuring consistent and accurate address mapping. This solution is particularly useful in systems where memory access latency is a critical performance factor, such as in high-performance computing or real-time processing applications.

Claim 12

Original Legal Text

12. A method of managing a memory hierarchy of a computing system, the computing system comprising a cache and an integrated memory encapsulated within a package and a non-integrated memory outside of the package, the memory hierarchy comprising the cache, the integrated memory, and the non-integrated memory, the integrated memory different from the cache, the method comprising: receiving a request to access information stored at a logical address; determining whether the information is resident within the cache or the integrated memory encapsulated within the package; if the information is located in the non-integrated memory and not in the integrated memory or the cache: issuing a request to the non-integrated memory for a page containing the information in an encrypted format; receiving the page containing the information in the encrypted format; decrypting the page to generate the information in an unencrypted format; and storing the information in a frame of the integrated memory.

Plain English Translation

This invention relates to memory management in computing systems with a multi-level memory hierarchy, including a cache, an integrated memory (encapsulated within a package), and a non-integrated memory (outside the package). The problem addressed is efficient data access and security in systems where data may be stored in encrypted form in non-integrated memory, requiring decryption before use. The method involves receiving a request to access information at a logical address and determining whether the data is already resident in the cache or integrated memory. If the data is not found in either, a request is issued to the non-integrated memory for the encrypted page containing the requested information. Upon receiving the encrypted page, it is decrypted to produce the unencrypted data, which is then stored in a frame of the integrated memory. This approach ensures secure data retrieval while optimizing access by leveraging the integrated memory as an intermediate storage layer between the cache and non-integrated memory. The system avoids unnecessary decryption and storage operations by first checking the cache and integrated memory before accessing the non-integrated memory.

Claim 13

Original Legal Text

13. The method of claim 12, wherein determining the location of the information within the memory hierarchy comprises searching for a page table entry associated with the logical address of the information.

Plain English Translation

The invention relates to memory management systems in computing devices, specifically addressing the challenge of efficiently locating and accessing information stored in a memory hierarchy. The method involves determining the location of information within a multi-level memory system, such as a combination of cache, main memory, and secondary storage, by searching for a page table entry associated with the logical address of the information. The page table entry contains metadata that maps the logical address to a physical address, enabling the system to identify where the information is stored in the memory hierarchy. This process ensures that the system can quickly retrieve the information from the correct memory level, optimizing performance and reducing latency. The method may also involve checking the validity of the page table entry and handling cases where the information is not present in the memory hierarchy, such as by triggering a page fault or fetching the data from a secondary storage device. The overall approach improves memory access efficiency by leveraging address translation mechanisms to navigate the memory hierarchy effectively.

Claim 14

Original Legal Text

14. The method of claim 13, further comprising updating the page table entry associated with the logical address of the information to indicate that the information is stored in the integrated memory when the information is stored in the frame of the integrated memory.

Plain English Translation

This invention relates to memory management in computing systems, specifically addressing the challenge of efficiently tracking and managing data stored in integrated memory. The method involves updating a page table entry to reflect the storage location of information when it is moved to or stored in an integrated memory frame. The page table entry, which maps logical addresses to physical memory locations, is modified to indicate that the information resides in the integrated memory. This ensures accurate address translation and proper memory management. The method is part of a broader system that includes a processor, a memory controller, and integrated memory, where the memory controller handles data transfers between the processor and the integrated memory. The integrated memory may be a high-bandwidth, low-latency memory, such as a stacked memory or a memory integrated with the processor. The method optimizes memory access by ensuring the page table accurately reflects the current storage location of data, reducing latency and improving system performance. This approach is particularly useful in systems where data is frequently moved between different memory types or locations.

Claim 15

Original Legal Text

15. The method of claim 12, wherein storing the information in the frame of the integrated memory comprises selecting the frame from a plurality of frames of the integrated memory.

Plain English Translation

This invention relates to memory management in integrated memory systems, specifically addressing the challenge of efficiently storing and retrieving information in a structured manner. The method involves selecting a frame from multiple available frames within an integrated memory to store information, ensuring optimal use of memory resources. The selection process may involve criteria such as frame availability, data type, or access frequency to enhance performance and reduce latency. The integrated memory system is designed to handle various types of data, including but not limited to sensor data, computational results, or user inputs, and may be part of a larger system such as a processor, embedded system, or specialized hardware accelerator. The method ensures that data is stored in a way that minimizes fragmentation and maximizes throughput, improving overall system efficiency. The selection of frames may also consider factors like error correction capabilities, wear leveling, or power consumption to extend the lifespan of the memory and maintain reliability. This approach is particularly useful in applications where memory access patterns are dynamic or unpredictable, such as real-time processing, machine learning, or high-performance computing. The invention aims to provide a flexible and adaptive memory management solution that can be tailored to different workloads and system requirements.

Claim 16

Original Legal Text

16. The method of claim 15, wherein storing the information in the frame of the integrated memory comprises overwriting a least-recently-used frame from the plurality of frames of the integrated memory.

Plain English Translation

This invention relates to memory management in computing systems, specifically addressing the challenge of efficiently storing and retrieving data in integrated memory with limited capacity. The method involves managing a plurality of frames within the integrated memory, where each frame stores information associated with a process or task. When new information needs to be stored, the system identifies a least-recently-used (LRU) frame from the available frames and overwrites it with the new data. This approach ensures that frequently accessed information remains in memory while older or less critical data is replaced, optimizing memory usage and performance. The method may also include tracking access patterns to determine which frames are least recently used, ensuring that the overwriting process is both efficient and adaptive to the system's workload. By dynamically managing memory frames in this way, the system maintains high performance without requiring excessive memory resources. This technique is particularly useful in environments where memory capacity is constrained, such as embedded systems or real-time computing applications.

Claim 17

Original Legal Text

17. The method of claim 12, further comprising: selecting another frame of the integrated memory to store in the non-integrated memory; encrypting information of the other frame; and transmitting a request to write the encrypted information of the other frame to the non-integrated memory.

Plain English Translation

This invention relates to memory management systems, specifically methods for securely transferring data between integrated and non-integrated memory. The problem addressed is the need to protect sensitive data when moving it from a primary (integrated) memory to a secondary (non-integrated) memory, such as external storage or a remote server. The solution involves encrypting data before transmission to prevent unauthorized access during transfer or storage. The method includes selecting a frame of data from the integrated memory for transfer to the non-integrated memory. The selected frame is encrypted to ensure confidentiality. A write request is then transmitted to the non-integrated memory, instructing it to store the encrypted data. Additionally, the method may involve selecting another frame from the integrated memory, encrypting its contents, and transmitting a corresponding write request to the non-integrated memory. This ensures that multiple data frames are securely transferred and stored. The encryption process may use standard cryptographic techniques to protect the data from interception or tampering. The system is designed to work with various types of memory, including volatile and non-volatile storage, and can be applied in computing devices, embedded systems, or cloud storage environments. The primary benefit is enhanced data security during memory transfers, reducing risks associated with unauthorized access or data breaches.
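The miss-handling and spill flow of claims 12 to 17 (mirrored by claims 1, 3, 6, 8 and 9), as an added simulation that is not part of the patent or of this site's analysis. The page size, frame count, key and the SHA-256 keystream cipher are assumptions chosen for illustration, and the processor cache level is left out.

```python
import hashlib
from collections import OrderedDict

PAGE_SIZE = 64      # bytes per page and per frame (assumed, small for readability)
NUM_FRAMES = 2      # frames in the integrated memory (assumed)
KEY = b"constructed-demo-key"   # constructed sample key, not a real secret


def crypt_page(page_no: int, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream bound
    to the page number, so encrypt and decrypt are the same operation. It reuses
    the keystream when a page is rewritten and carries no integrity tag; it only
    models where in the flow encryption and decryption happen."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        block = KEY + page_no.to_bytes(8, "big") + counter.to_bytes(4, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class MemoryHierarchy:
    """Integrated (on-chip) frames in front of an encrypted off-chip store."""

    def __init__(self):
        self.off_chip = {}              # page number -> ciphertext
        self.frames = [bytearray(PAGE_SIZE) for _ in range(NUM_FRAMES)]
        self.page_table = {}            # page number -> frame index, if resident
        self.resident = OrderedDict()   # frame index -> page number, LRU first
        self.dirty = set()              # frame indexes modified since their fill
        self.fills = 0
        self.spills = 0

    def store_off_chip(self, page_no: int, plaintext: bytes) -> None:
        """Provision a page: only ciphertext ever reaches off-chip memory."""
        padded = plaintext.ljust(PAGE_SIZE, b"\0")[:PAGE_SIZE]
        self.off_chip[page_no] = crypt_page(page_no, padded)

    def _select_frame(self) -> int:
        """Return a free frame, else reclaim the least-recently-used one."""
        for idx in range(NUM_FRAMES):
            if idx not in self.resident:
                return idx
        idx, victim_page = self.resident.popitem(last=False)    # LRU entry
        if idx in self.dirty:
            # Spill: encrypt the frame, then write it to the victim's page.
            self.off_chip[victim_page] = crypt_page(victim_page, bytes(self.frames[idx]))
            self.dirty.discard(idx)
            self.spills += 1
        del self.page_table[victim_page]    # entry no longer points on-chip
        return idx

    def _frame_for(self, addr: int):
        """Page-table lookup; on a miss, fetch, decrypt and install the page."""
        page_no, offset = divmod(addr, PAGE_SIZE)
        idx = self.page_table.get(page_no)
        if idx is None:
            ciphertext = self.off_chip[page_no]     # read request to off-chip
            idx = self._select_frame()
            self.frames[idx][:] = crypt_page(page_no, ciphertext)
            self.page_table[page_no] = idx          # mark the page as resident
            self.fills += 1
        self.resident[idx] = page_no
        self.resident.move_to_end(idx)              # now most recently used
        return idx, offset

    def read(self, addr: int) -> int:
        idx, offset = self._frame_for(addr)
        return self.frames[idx][offset]

    def write(self, addr: int, value: int) -> None:
        idx, offset = self._frame_for(addr)
        self.frames[idx][offset] = value
        self.dirty.add(idx)


def demo():
    mem = MemoryHierarchy()
    for page_no in range(3):                        # constructed sample pages
        mem.store_off_chip(page_no, b"page-%d-secret" % page_no)
    first = mem.read(0)                 # miss: page 0 decrypted into a frame
    mem.write(1, ord("X"))              # hit: frame holding page 0 becomes dirty
    mem.read(PAGE_SIZE)                 # miss: page 1 takes the second frame
    mem.read(2 * PAGE_SIZE)             # miss: page 0 is LRU and is spilled
    leaked = b"pXge-0-secret" in mem.off_chip[0]    # plaintext visible off-chip?
    restored = bytes(mem.read(i) for i in range(13))    # miss: page 0 refilled
    return first, mem.fills, mem.spills, leaked, restored


if __name__ == "__main__":
    print(demo())
```

A clean (unmodified) victim frame is dropped without a write-back, which is why the run records four fills but only one spill.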

Claim 18

Original Legal Text

18. The method of claim 12, wherein the cache and the integrated memory are incorporated into a field-programmable gate array.

Plain English Translation

A system and method for managing data storage in a computing device involves a cache memory and an integrated memory, both incorporated into a field-programmable gate array (FPGA). The cache memory temporarily stores frequently accessed data to reduce latency, while the integrated memory provides additional storage capacity. The method includes determining whether data should be stored in the cache or the integrated memory based on access patterns, such as frequency and recency of use. If data is frequently accessed, it is stored in the cache for faster retrieval. Less frequently accessed data is moved to the integrated memory to free up cache space. The system dynamically adjusts storage allocation between the cache and integrated memory to optimize performance. The FPGA's reconfigurable nature allows the storage architecture to be adapted for different workloads. This approach improves data access efficiency by leveraging the speed of cache memory while utilizing the larger capacity of integrated memory, reducing overall system latency and enhancing performance in applications requiring high-speed data processing.

Claim 19

Original Legal Text

19. The method of claim 12, wherein decrypting the page to generate the information in the unencrypted format comprises using a software cryptography engine.

Plain English Translation

This invention relates to data decryption in computing systems, specifically addressing the need for secure and efficient decryption of encrypted data pages. The method involves decrypting an encrypted data page to generate information in an unencrypted format, with the decryption process utilizing a software cryptography engine. The software cryptography engine is a dedicated module within the system that performs cryptographic operations, including decryption, to convert encrypted data into a readable, unencrypted format. This approach ensures that sensitive data remains protected during storage or transmission and is only accessible in its unencrypted form when necessary, typically for processing or display. The use of a software-based cryptography engine provides flexibility and compatibility across different computing environments, as it does not rely on specialized hardware. The method is particularly useful in systems where data security is critical, such as in financial transactions, healthcare records, or enterprise applications. By employing a software cryptography engine, the invention ensures that decryption is performed in a controlled and secure manner, reducing the risk of unauthorized access to sensitive information. The overall system may include additional components for managing encryption keys, handling decryption requests, and verifying data integrity, all working together to provide a robust security framework.

Claim 20

Original Legal Text

20. The method of claim 12, wherein the cache and the integrated memory are incorporated into a single integrated circuit.

Plain English Translation

A system and method for improving data processing efficiency in computing devices involves integrating a cache memory and an integrated memory into a single integrated circuit. The cache memory is used to store frequently accessed data to reduce latency, while the integrated memory provides larger storage capacity for less frequently accessed data. By combining these components into a single chip, the system reduces data transfer delays between separate memory modules, enhancing overall system performance. The integrated circuit may include additional features such as error correction mechanisms, power management controls, and data compression to further optimize memory operations. This approach is particularly useful in high-performance computing environments where minimizing latency and maximizing throughput are critical. The unified memory architecture simplifies system design by reducing the need for external memory controllers and interconnects, leading to lower power consumption and improved reliability. The system dynamically allocates data between the cache and integrated memory based on access patterns, ensuring optimal use of available resources. This integration also supports advanced memory technologies, such as non-volatile memory, to provide persistent storage without sacrificing speed. The overall design aims to address the challenges of memory bottlenecks in modern computing systems by providing a scalable, efficient, and high-performance memory solution.

Patent Metadata

Filing Date

Unknown

Publication Date

September 24, 2019

Inventors

Alex Levin
Ron Diamant
James Christopher Sorenson III


Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, FAQs, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “USING ENCRYPTION WITHIN A COMPUTING SYSTEM” (10423541). https://patentable.app/patents/10423541
